D-Link DSL-224 firmware version 3.0.10 post authentication command execution
CVE-2023-32223

8.8HIGH

Key Information:

Vendor: D-link
Status: Dsl-224 Firmware Version 3.0.10
Vendor: CVE Published:; 28 June 2023

What is CVE-2023-32223?

The D-Link DSL-224 firmware version 3.0.10 is susceptible to a command execution vulnerability that occurs post-authentication. This vulnerability allows attackers to execute commands on the device through an unspecified method, potentially compromising device integrity and security. It is crucial for users to take preventive measures to secure their devices against potential exploits.

Affected Version(s)

DSL-224 firmware version 3.0.10 Update to the latest version

References

https://www.gov.il/en/Departments/faq/cve_advisories

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 28, 2023
Vulnerability Reserved
May 4, 2023

Credit

Nerya Zadkani

D-link

What is CVE-2023-32223?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit